package com.hna.face.security;

import com.hna.face.exception.Codes;
import com.hna.face.exception.IotException;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;
import org.springframework.web.servlet.handler.HandlerInterceptorAdapter;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

@Component
public class SecurityInterceptor extends HandlerInterceptorAdapter {
	private static final String API_KEY = "api_key";

	@Autowired
	private ApiKeyService apiKeyService;

	@Override
	public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler)
			throws Exception {
		//校验api_key
		String accessToken = request.getHeader(API_KEY);
		if (accessToken == null) {
			throw new IotException(Codes.BAD_REQUEST, "Invalid AccessToken");
		}

//		Claims claims = apiKeyService.verifyToken(accessToken);
//		if (!claims.isValid()) {
//			throw new BotException(Codes.UNAUTHORIZED, "Invalid AccessToken");
//		}
//
//		request.setAttribute(BIM_USER_NAME_ATTRIBUTE, new BimUserName().setUserName(claims.getSubject()));
		return true;
	}

}